What is a computer worm, and how does it work?
Authored by a Symantec employee
A computer worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
How do computer worms work?
Worms can be transmitted via software vulnerabilities. Or computer worms could arrive as attachments in spam emails or instant messages (IMs). Once opened, these files could provide a link to a malicious website or automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the machine without the user’s knowledge.
Worms can modify and delete files, and they can even inject additional malicious software onto a computer. Sometimes a computer worm’s purpose is only to make copies of itself over and over — depleting system resources, such as hard drive space or bandwidth, by overloading a shared network. In addition to wreaking havoc on a computer’s resources, worms can also steal data, install a backdoor, and allow a hacker to gain control over a computer and its system settings.
Stuxnet: the most famous computer worm
In July 2010, the first computer worm used as a cyber weapon was discovered by two security researchers after a long string of incidents in Iran. Dubbed “Stuxnet,” this worm appeared to be much more complex than the worms researchers were used to seeing. This attracted the interest of high-profile security specialists around the world, including Liam O’Murchu and Eric Chien of the Security Technology and Response (STAR) team at Symantec. Their extensive research led them to conclude that the worm was being used to attack an Iranian power plant, with the ultimate goal of sabotaging nuclear weapon production. Although the attack ultimately failed, this computer worm is still active on the threat landscape today.
How to tell if your computer has a worm
If you suspect your devices are infected with a computer worm, run a virus scan immediately. Even if the scan comes up negative, continue to be proactive by following these steps.
- Keep an eye on your hard drive space. When worms repeatedly replicate themselves, they start to use up the free space on your computer.
- Monitor speed and performance. Has your computer seemed a little sluggish lately? Are some of your programs crashing or not running properly? That could be a red flag that a worm is eating up your processing power.
- Be on the lookout for missing or new files. One function of a computer worm is to delete and replace files on a computer.
How to help protect against computer worms
Computer worms are just one example of malicious software. To help protect your computer from worms and other online threats, take these steps.
- Since software vulnerabilities are major infection vectors for computer worms, be sure your computer’s operating system and applications are up to date with the latest versions. Install these updates as soon as they’re available because updates often include patches for security flaws.
- Phishing is another popular way for hackers to spread worms (and other types of malware). Always be extra cautious when opening unsolicited emails, especially those from unknown senders that contain attachments or dubious links.
- Be sure to invest in a strong internet security software solution that can help block these threats. A good product should have anti-phishing technology as well as defenses against viruses, spyware, ransomware, and other online threats.
Cyber threats have evolved, and so have we.
Comprehensive protection from the ever-changing threats to your connected world. NortonTM 360 with LifeLockTM
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.